
The malware called Dridex attempts to capture confidential data when a user logs in to an online bank account by creating HTML fields that require the user to key in additional information such as a social security number. As they say, history repeats itself. Dridex is very similar to an earlier malware called Cridex, which also aims to steal an individual's banking information, Hitech Journal reports.

Dridex differs from the past malware in that it tries to infect the user's computer system. The virus takes the form of a macro hidden in a Microsoft Word document found in a spam email.

According to the malware description provided by Enigma Software, Dridex is another version of a dreadful data collector. Its main duty is to collect bank security data by adding automated scripts containing recurrent assignments into the Microsoft Office package. Microsoft Word is used to send out messages that allegedly include financial documentation. When the recipient opens the corrupted document, the scripts can start their assignment, which is to collect online banking related information and send it to remote servers.

Dridex gives its creators access to the user's bank accounts, letting them transfer the account balance to their personal accounts. The malware is highly harmful and online users must be extra careful.

By default, most PCs disable macros from running, and the system will prompt users to enable macros only when a malicious Word file is opened. When the user opts to enable macros, Dridex will start downloading to the PC, as explained in a blog by threat response engineer Rhena Inocencio.
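Because the infection depends on a macro-bearing Word attachment that the user is prompted to enable, a mail gateway can hold such attachments before they reach the inbox. The following is an added example, not code from the article or from any vendor it cites; the function names, the sample inbox and the byte-search heuristic for legacy `.doc` files are assumptions made for illustration.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")     # legacy .doc container signature
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")   # OLE directory names are UTF-16LE

def macro_verdict(data: bytes) -> str:
    """Classify one attachment as 'macro', 'no-macro' or 'not-office'."""
    if data.startswith(OLE_MAGIC):
        # Heuristic (assumption): a VBA project leaves this stream name in the file.
        return "macro" if VBA_STREAM in data else "no-macro"
    buf = io.BytesIO(data)
    if not zipfile.is_zipfile(buf):
        return "not-office"
    try:
        with zipfile.ZipFile(buf) as zf:
            names = [n.lower() for n in zf.namelist()]
    except zipfile.BadZipFile:
        return "not-office"
    if "[content_types].xml" not in names:
        return "not-office"                        # a plain zip, not OOXML
    return "macro" if any(n.endswith("vbaproject.bin") for n in names) else "no-macro"

def quarantine_list(attachments: dict) -> list:
    """Return the attachment names that should be held for review."""
    return sorted(name for name, data in attachments.items()
                  if macro_verdict(data) == "macro")

def build_ooxml(with_macro: bool) -> bytes:
    """Constructed sample: a minimal OOXML-shaped zip, not a real document."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()

# Constructed inbox; file names and contents are made up for this example.
SAMPLE_INBOX = {
    "invoice.docm": build_ooxml(with_macro=True),
    "report.docx": build_ooxml(with_macro=False),
    "statement.doc": OLE_MAGIC + b"\x00" * 504 + VBA_STREAM,
    "notes.doc": OLE_MAGIC + b"\x00" * 504,
    "readme.txt": b"plain text",
}

if __name__ == "__main__":
    for held in quarantine_list(SAMPLE_INBOX):
        print("hold for review:", held)
```

The check keys on file content rather than the extension, so a macro-bearing document renamed to `.docx` is still held.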

Apparently, the concept is not new to the public. Cybercriminals utilized macros more than a decade ago, but due to the upgrades in the security system of Microsoft, macros became ineffective as a criminal tool. However, cyber-attackers are trying to use them again.

Dridex-infused spam messages came mostly from countries such as Vietnam, India, Taiwan, South Korea and China. Victims of the malware are in Australia, the U.K. and the United States.